Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for authenticating a client device with a system having a first server and a second server, the method comprising: at the client device: performing a verification procedure, comprising: generating a first sequence of bytes; sending the first sequence of bytes to the first server; receiving a second sequence of bytes from the first server; sending the first sequence of bytes and the second sequence of bytes to the second server different than the first server, wherein the second server verifies the client device based on the first sequence of bytes and the second sequence of bytes; and receiving a token from the second server, wherein the token is used to authenticate the client device when the client device requests media data from the system.
2. The method as recited in claim 1 , further comprising: subsequent to performing the verification procedure: receiving a request to access the media data; in response to receiving the request to access the media data, issuing a request to the system to access the media data, wherein the request to the system includes the token; and receiving the media data from the system.
3. The method as recited in claim 2 , wherein, when the token is provided with the request to the system, it is not necessary to re-perform a portion of the verification procedure with the system.
4. The method as recited in claim 3 , wherein performing the verification procedure further comprises: generating a value based on a function that is performed on the first sequence of bytes; and sending the value to the second server, wherein the sent value is verified by the second server.
5. The method as recited in claim 1 , wherein performing the verification procedure further comprises: receiving a keyed-hash message authentication code from the first server; and sending the keyed-hash message authentication code to the second server, wherein the sent keyed-hash message authentication code is verified by the second server.
6. The method as recited in claim 1 , wherein performing the verification procedure further comprises: generating a digital signature based on an identifier associated with the client device; and sending the digital signature to the second server, wherein the sent digital signature is verified by the second server.
7. The method as recited in claim 1 , wherein performing the verification procedure further comprises: generating a value, wherein the value is based on a function that is performed on a concatenation of both the first sequence of bytes and the second sequence of bytes; and sending the value to the second server, wherein the sent value is verified by the second server.
8. The method of claim 3 , wherein the first sequence of bytes is randomly generated at the client device.
9. The method of claim 1 , wherein the token is valid for a finite period of time.
10. The method of claim 9 , wherein the verification procedure is performed in response to determining, prior to performing the verification procedure, that the client device is not in possession of a valid token.
11. A method for authenticating a client device with a system having a first server and a second server, the method comprising: performing a verification procedure comprising: at the first server: receiving a first sequence of bytes from the client device, the first sequence of bytes generated at the client device, generating a second sequence of bytes based on the first sequence of bytes, and sending the second sequence of bytes to the client device; and at the second server: receiving the first sequence of bytes and the second sequence of bytes from the client device, verifying the client device based on the first sequence of bytes and the second sequence of bytes, and sending a token to the client device, wherein the token is used to authenticate the client device when the client device requests media data from the system.
12. The method as recited in claim 11 , further comprising: at the second server: receiving a request for media data from the client device; determining whether the client device is in possession of a valid token; and providing the media data to the client device in response to determining the client device is in possession of the valid token.
13. The method as recited in claim 11 , wherein performing the verification procedure is in response to determining, prior to performing the verification procedure that, the client device is not in possession of a valid token.
14. The method as recited in claim 11 , wherein performing the verification procedure further comprises: at the first server: sending a keyed-hash message authentication code to the client device; and at the second server: receiving the keyed-hash message authentication code from the client device, and verifying the client device is further based on the received keyed-hash message authentication code.
15. The method as recited in claim 11 , wherein performing the verification procedure further comprises: at the second server: receiving a value based on both the first sequence of bytes and the second sequence of bytes from the client device and verifying the client device is further based on the received value.
16. A non-transitory computer readable medium configured to store instructions that, when executed by a processor of a client device, cause the client device to perform the steps of: generating a first sequence of bytes; sending the first sequence of bytes to a first server; receiving a second sequence of bytes from the first server; sending the first sequence of bytes and the second sequence of bytes to a second server, wherein second server verifies the client device based on the first sequence of bytes and the second sequence of bytes; and when the client device is verified by the second server: receiving a token from the second server; requesting media data from a system; providing the token to the system; and receiving the media data from the system.
17. The non-transitory computer readable medium of claim 16 , wherein the steps include: receiving a keyed-hash message authentication code from the first server.
18. The non-transitory computer readable medium of claim 16 , wherein the steps include: generating a value, wherein the value is based on a function that is performed on a concatenation of both the first sequence of bytes and the second sequence of bytes.
19. The non-transitory computer readable medium of claim 16 , wherein the steps include: generating a digital signature based on an identifier associated with the client device, and sending the digital signature to the second server.
20. The non-transitory computer readable medium of claim 16 , wherein the steps include: generating verification data based on a result of a function performed on both the first sequence of bytes and the second sequence of bytes.
21. The non-transitory computer readable medium of claim 16 , wherein the steps include: generating verification data using a cryptographic function performed on both the first sequence of bytes and the second sequence of bytes.
22. A system for authenticating a client device using a verification procedure, the system comprising: a first server configured to perform the steps of: receiving a first sequence of bytes from the client device, the first sequence of bytes generated at the client device, generating a second sequence of bytes based on the first sequence of bytes, and sending the second sequence of bytes to the client device; and a second server configured to perform the steps of: receiving the second sequence of bytes from the client device, verifying the client device based on the first sequence of bytes and the second sequence of bytes, and sending a token to the client device, wherein the token is used to authenticate the client device when the client device requests media data from the system.
23. The system as recited in claim 22 , further comprising: at the second server: receiving a request for media data from the client device; determining whether the client device is in possession of a valid token; and providing the media data to the client device in response to determining the client device is in possession of the valid token.
24. The system as recited in claim 22 , further comprising: at the first server: sending a keyed-hash message authentication code to the client device; and at the second server: receiving the keyed-hash message authentication code from the client device, and verifying the client device is further based on the received keyed-hash message authentication code.
25. The system as recited in claim 22 , further comprising: at the second server: receiving a value based on both the first sequence of bytes and the second sequence of bytes from the client device and verifying the client device is further based on the received value.
Unknown
May 26, 2015
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.